Virtualization Technology News and Information
Ermetic 2021 Predictions: Digital Transformation Security Threats will Dominate in 2021

vmblog 2021 prediction series 

Industry executives and experts share their predictions for 2021.  Read them in this 13th annual series exclusive.

Digital Transformation Security Threats will Dominate in 2021

By Shai Morag, CEO, Ermetic

COVID-19 has made 2020 one of the most challenging years on record for everyone, including the security industry. Despite the challenges, the past 12 months have opened up new opportunities and disrupted some long held perceptions about work from home, face to face meetings and more. Here are my security predictions for 2021.

There will be a phased shift in the way organizations enable and secure remote workers. In 2020 companies were generally putting out fires, since  they were completely unprepared for the speed and scale at which they needed to provide security for a 100 percent remote workforce. Now that the basics have been addressed and organizations understand that remote work is here to stay, the focus next year will be on implementing new security controls that provide a user experience similar to being "in the office" and improves both efficiency and team collaboration. And no less important, organizations will look for solutions that are easily managed by a remote IT organization. For example, I predict that organizations will continue to switch to SaaS applications wherever possible, and accelerate the migration of private applications to the cloud. They will look to replace slow, legacy VPN connections to the corporate network with identity-centric or zero-trust solutions.

Since remote work will continue to be the rule and not the exception in 2021 and beyond, network and the endpoint security will largely remain beyond the control of organizations. As a result, identity-centric security will top the list of enterprise priorities next year. In order to protect assets, regardless of whether they are in the cloud or on-premises, organizations will focus on  securing the people, machines and services who access them. This is the only security model that makes sense right now.

Many business transactions will remain virtual now that organizations have realized it is possible to establish trust without meeting in person. This will force organizations to implement new security controls around external business processes such as digital contracts and signatures, improved governance of file sharing and storage, and deeper control over access entitlements to enterprise data.

Large security conferences will cease to exist. Many organizations had serious doubts about their efficacy before COVID, and now a year without them will prove that they are no longer worth the expense. Small, focused security events are going to be the first to rebound, especially ones that can be delivered regionally.

Finally, on the innovation front we can expect to see more repeat entrepreneurs get funding for their security start-ups in 2021 than first time company founders. Since the pandemic has created economic uncertainty investors will prefer to finance companies that are led by founders with an established track record of success. Along these lines, there will be more large investments in successful growth-stage security companies than startups in 2021.

2021 will continue a major trend that was accelerated by the COVID-19 pandemic, the digital transformation of companies in virtually every industry. Being forced to transform business processes on the fly to accommodate work from home mandates has removed many of the barriers, real or perceived, organizations had towards moving to the cloud.

With more and more applications and data center infrastructure moving off-premises, companies will need to adapt their security models accordingly. Since the cloud uses a shared security model, with service providers owing infrastructure protection and cloud user organizations being responsible for access and data security, companies will need to implement new controls and acquire new skills for managing them.

It will be important for companies to understand the limitations of native security tools offered by cloud service providers, especially when it comes to identity, access and entitlements management. Solving these problems on-premises is already fraught with complexity, and the scale of the cloud only makes them more challenging to control. Organizations should look to leading research firms like Gartner and Forrester for insights into security alternatives that are built for the cloud.             


About the Author

Shai Morag 

Shai Morag is CEO of cloud identity and access security provider Ermetic. Previously, he was co-founder and CEO of Secdo, an incident response platform vendor acquired by Palo Alto Networks, and CEO of Integrity-Project, a software outsourcing company acquired by Mellanox. Shai also served for 10 years as an officer in senior product development and management roles with the Intelligence Unit of the Israel Defense Forces.

Published Monday, November 30, 2020 7:49 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<November 2020>